Technology used by WebGuard – Hash Functions & Digital Signatures

Digital Signatures and Hash functions are used in various cryptographic applications and legal
e-documents. Similar technology is used in WebGuard too. You can configure WebGuard in two modes to ensure data integrity.

Digital Signature Method: Legitimate webmaster's or whomever is concern for posting the web contents supplied with private key and the corresponding public certificate will be stored in the WebGuard store by the Administrator. The combination of content digest and private key helps in creation of a Digital Signature. Digital Signature and few more information about the signer comprise WebGuard Header. While delivering the content corresponding certificates are fetched from the store and used for WebGuard Header verification.

HMAC Method: This takes the advantage of hash functions keyed with passphrase. Keyed digest value for the content is stored in WebGuard Header. Legitimate Authors profile information will be loaded in WebGuard as offline process and configured passphrase is used to do the integrity check at the time of content delivery. This method of integrity check is less time consuming process than Digital Signature verification but it comes at the cost of slightly lower security.